All Along the watchTowr - The Changing Face of Cybersecurity
watchTowr is a Continuous Attack Surface Management solution, helping organisations understand their cyber security posture in the eyes of an adversary.
AN EVERCHANGING LANDSCAPE
Cybersecurity is always evolving. Due to advancements in technology, the sector finds itself in a state of constant catch up as digital transformation continues to rapidly evolve many industries. For businesses and organizations, these advancements lead to additional vulnerabilities for attack. As a result, there has been a significant uptick in aggressive behavior across the digital landscape – driven by organized crime groups as well as state actors.
Where it used to take attackers weeks to weaponize and break into a target, but now the same activity is happening within hours, and thus the effort for organisations of an any size to maintain a strong security posture grows ever-steeper. Cybersecurity teams have less time to react and protect themselves from emerging threats and system weaknesses than ever before.
Historically, organizations have been able to use periodic scans and sporadic penetration tests to provide a point-in-time answer to the question of, “Are we vulnerable to being compromised right now?”. However, in this new reality, where bad actors weaponize within hours, innovative ways to protect against cyber threats have become the name of the game. No one has a more unique approach to cybersecurity than Ben Harris, the founder of watchTowr, a startup based in Singapore whose mission is to stay ahead of emerging cyber threats.
FORMER DROP OUT TURNS CYBERSECURITY EXPERT
It seems unlikely there are many CEOs for whom computer hacking is the integral thread woven throughout their lives – but that is precisely Ben’s experience. His first connection to hacking occurred during a visit to the library at his boarding school. He discovered an article about a group who were arrested for hacking into the Department of Defense computer systems, straight from their bedrooms. For most 7-year-olds, this would be a cautionary tale but, for Ben, it made something in his brain click. From there, computers and hacking became an obsession.
By the age of 17, Ben’s computer skills became so advanced his school accused him of breaching its computer security. The school threatened to expel him and alert the police. This final event resulted in Ben leaving education and moving to, as he describes it, “the only place a dropout 17-year-old hacker can go – this magical industry called computer security.”
As Ben tells it, his interview for his first job at Portcullis Computer Security was a practical exam that involved breaking into a system. The key difference from his previous experience was that his love of hacking led to a job where he had the intellectual challenge not just of figuring out what hacks worked and what did not, but also using his skills to identify how organizations could thwart organized attacks. It was a match made in heaven.
Ben gained experience at Portcullis working with government bodies and large companies, simulating Aggressive Persistent Threat (APT) actors and how they would target and get access to an organization. After a few years, he moved on to MWR InfoSecurity, a research-led cyber security consultancy, where he rose through the ranks and moved to Singapore to expand its business to Asia.
“The only place a dropout 17-year-old hacker can go – this magical industry called computer security.”
NEW CULTURE, SAME SECURITY
In Singapore, Ben worked with a new set of international clients, with a cultural setting quite different from Europe. Up to that time, the Asian market had viewed cybersecurity in a similar way to insurance – a choice rather than a necessity. However, as Asian organizations started to see more sophisticated attacks, they started to take cybersecurity prevention seriously. As far as inflection points go, the timing was perfect.
As the company grew and Ben was promoted to Technical Director, MWR InfoSecurity was bought by F-Secure Corporation. His experience in the larger business would plant the seeds for a desire to find what else could be done in cybersecurity. The rise of ransomware has become a driving force for the industry. Now, the bad guys have better tools and are more sophisticated in their approach. To Ben, this increase in sophistication required a different approach to cyber security, so he began drawing up plans for his own company. The goal was to create a platform that can defend against new threats by combining the new age of data analysis with the instincts and experience of security experts. With experience in tow, Ben set out to craft a startup to match his vision – watchTowr.
One key learning Ben would take to watchTowr was the understanding that cyber attackers have fundamentally changed how they target organizations. Organizations have become increasingly adept at building strong walls around their digital assets, so attackers can no longer focus on probing individual endpoints looking for technical vulnerabilities. Instead, attackers have realized that in today’s mobile and interconnected world, people and data from organizations need ways to get in and out of the building. The ‘doors and windows’ that enable this movement are the new attack vectors. Attackers can target everything within the company as well as third parties who the company works with, as they are all linked.
Why try and kick down the walls when you can obtain the actual keys that will let you walk straight in? This question is what Ben focused on to stay a step ahead – where attacks would originate was the key to constantly monitoring each company’s security. In this way, the task of securing an organization has become less about preventing a technical attack and more about how to identify vulnerabilities and swiftly stifle possible attacks. watchTowr’s approach is to combine the latest advancements in big data analysis with expertise – expertise that has been built “in the field”. The company’s experts undertake behavioral analysis, breach analysis and in-depth vulnerability research to identify how attackers might gain access to a company. This expertise enables watchTowr to rapidly codify and modularize new attacks and techniques that can be used by adversaries, simulating these attacks with millions of assets, continuously.
“We are looking to data and technology to automate tasks that no longer need human input, so we can free up human intelligence to solve the more complex challenges.”
A LEARNING PROCESS
For a company that only started in the second half of 2021, watchTowr’s rise has been swift, but it has not been without challenges. “The whole experience has been a learning journey! We are learning something new every day,” Ben says with a smile.
Recruiting in particular has been tough. Identifying people with specific technical skills to play a particular role in a quickly evolving environment proved to be a Sisyphean task. A shift to, “hiring clever people to do clever things,” and focusing on finding people with a desire to work in the intense, fast-paced environment of a startup has helped the company build a close-knit, experienced team.
Looking to the future, while Singapore is the company’s headquarters, with Fortune 500 and international banks as their clients, watchTowr’s reach is global. The company is primed to expand into Western markets sooner rather than later.
To get there, even with all the experience and success watchTowr has had since its founding, Ben knows there is still more to do to increase the power of the company’s approach to cybersecurity. “We are looking to data and technology to automate tasks that no longer need human input, so we can free up human intelligence to solve the more complex challenges.”
For now, Ben and watchTowr are getting recognition for their achievements. Among other things, Ben was named in Asia’s Forbes 30 under 30 for Enterprise Technology in 2022. Not bad for a high-school dropout!